Dracula Logger

[Spoofer]

Dracula Logger

​

​

SCAN

​

Filename : Dracula_Logger.exe


Type : application/octet-stream


Filesize : 1015808 bytes


Date : 11/11/2013 - 18:41 GMT+2


MD5 : 701b97da47f919a627d4853a0d7870dc


SHA1 : 30ca438893c80b89459883b65ecf224dfe83ea28


Status : Infected


Result :18/33

 


AVG Free - Virus found PSW.ILUSpy


ArcaVir - OK


Avast - MSILAgent-TE [Drp]


AntiVir (Avira) - TR/Dropper.MSIL.Gen


BitDefender - GenVariant.Kazy.59581


VirusBuster Internet Security - OK


Clam Antivirus - OK


COMODO Internet Security - Malware@2ni2irt5ow4ms


Dr.Web - OK


eTrust-Vet - Win32/Tnega.XACC!suspicious


F-PROT Antivirus - OK


F-Secure Internet Security - GenVariant.Kazy.59581


G Data - GenVariant.Kazy.59581, MSIL


IKARUS Security - Win32.SuspectCrc


Kaspersky Antivirus - HEURTrojan.Win32.Generic


McAfee - RDN/Generic Dropper!ne


MS Security Essentials - OK


ESET NOD32 - Trojan.MSIL/Injector.VJ


Norman - winpe/Troj_Generic.LLWDF


Norton Antivirus - OK


Panda Security - OK


A-Squared - Win32.SuspectCrc!IK


Solo Antivirus - OK


Sophos - OK


Trend Micro Internet Security - OK


VBA32 Antivirus - OK


Ad-Aware - Trojan.Win32.Generic!BT


BullGuard - GenVariant.Kazy.59581


Immunet Antivirus - OK


K7 Ultimate - Trojan ( 001d712b1 )


NANO Antivirus - OK


Panda CommandLine - OK


VIPRE - Trojan.Win32.Generic=21BT

​

Features


-Mostly Undetected


-Custom Installation/Startup Path


-Icon Changer


-Assembly Changer


-Multi File Binder


-Cure (Removes infection if you happen to accidentally, or intentionally infect yourself)


-Installation Persistence


-Execution Guard


-Fake Error Message


-Multi File Downloader


-Melt (Self deletion after execution)


-UAC Bypass (Beta, may not work 100% of the time)


-Extension Spoofer


-Stealers


--Firefox


--Chrome


--Opera


--MSN


--DynDNS/No-IP


--FileZilla


--Pidgin


--IMVU


--Common CD Keys


--Bitcoin Wallet


--Minecraft .lastlogin

​

MY TEST

​

Download :

This link is hidden for visitors. Please Log in or register now.

​

 

[ernesplata]

Re: Dracula Logger

Hey can u upload it from another server? solidfiles never works on my pc ._. try with sendspace.com THX good:

 

[Spoofer]

Re: Dracula Logger

Hey can u upload it from another server? solidfiles never works on my pc ._. try with sendspace.com THX good:

Added Mirror :whistling:

 

[zaqara]

Re: Dracula Logger

Windows 8.1 64 bit not_i

 

[x_h0rr0r_x]

Re: Dracula Logger

Just to let you fellas know this shit is is keylogger its self..I would advise all of you to scan your computer with Malwarebytes

Creates file C:\Users\test\AppData\Roaming\Dracula Logger.exe

Queries DNS "smtp.gmail.com".

C:\Users\test\Desktop\Dracula_logger\Dracula_Logger.exe Connects to "74.125.134.108" on port 587 (TCP - SMTP).

C:\Users\test\Desktop\Dracula_logger\Dracula_Logger.exe Connects to "23.72.224.200" on port 80 (TCP - HTTP).

Creates process "C:\Users\test\AppData\Roaming\Dracula Logger.exe,

C:\Users\test\AppData\Roaming\Dracula Logger.exe" , C:\Users\test\Desktop\Dracula_logger".

Injects code into process "C:\Sandbox\test\DefaultBox\user\current\AppData\Roaming\Dracula Logger.exe".

Creates value "Dracula Logger.exe=Dracula Logger" in key HKEY_CURRENT_USER\software\classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Sandbox\test\DefaultBox\user\current\AppData\Roaming


binary data=440072006100630075006C00610020004C006F0067006700650072000000

 

[sQuo]

Re: Dracula Logger

link changed / clean file

 

[x_h0rr0r_x]

Re: Dracula Logger

link changed / clean file

Thanks Hum,Just 1 question..Did you find a clean file or did you clean it yourself?